[PATCH 5.10 0/1] staging: rtl8192u: Add null check in rtl8192_usb

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 5.10 0/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints
@ 2023-03-30 20:11 Danila Chernetsov
  2023-03-30 20:11 ` [PATCH 5.10 1/1] " Danila Chernetsov
  0 siblings, 1 reply; 3+ messages in thread
From: Danila Chernetsov @ 2023-03-30 20:11 UTC (permalink / raw)
  To: stable, Greg Kroah-Hartman
  Cc: Danila Chernetsov, Dinghao Liu, linux-staging, linux-kernel,
	lvc-project

SVACE reports return value of a function 'usb_alloc_urb' is dereferenced
 without checking for null in 5.10 stable releases.
The problem has been fixed by the following 
patch which can be cleanly applied to the 5.10 branch.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH 5.10 1/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints
  2023-03-30 20:11 [PATCH 5.10 0/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints Danila Chernetsov
@ 2023-03-30 20:11 ` Danila Chernetsov
  2023-03-30 20:52   ` Greg Kroah-Hartman
  0 siblings, 1 reply; 3+ messages in thread
From: Danila Chernetsov @ 2023-03-30 20:11 UTC (permalink / raw)
  To: stable, Greg Kroah-Hartman
  Cc: Danila Chernetsov, Dinghao Liu, linux-staging, linux-kernel,
	lvc-project

From: Dinghao Liu <dinghao.liu@zju.edu.cn>

commit 4d5f81506835f7c1e5c71787bed84984faf05884 upstream.

There is an allocation for priv->rx_urb[16] has no null check,
which may lead to a null pointer dereference.

Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
Link: https://lore.kernel.org/r/20201226080258.6576-1-dinghao.liu@zju.edu.cn
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Danila Chernetsov <listdansp@mail.ru>
---
 drivers/staging/rtl8192u/r8192U_core.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
index 7f90af8a7c7c..e0fec7d172da 100644
--- a/drivers/staging/rtl8192u/r8192U_core.c
+++ b/drivers/staging/rtl8192u/r8192U_core.c
@@ -1608,6 +1608,8 @@ static short rtl8192_usb_initendpoints(struct net_device *dev)
 		void *oldaddr, *newaddr;
 
 		priv->rx_urb[16] = usb_alloc_urb(0, GFP_KERNEL);
+		if (!priv->rx_urb[16])
+			return -ENOMEM;
 		priv->oldaddr = kmalloc(16, GFP_KERNEL);
 		if (!priv->oldaddr)
 			return -ENOMEM;
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH 5.10 1/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints
  2023-03-30 20:11 ` [PATCH 5.10 1/1] " Danila Chernetsov
@ 2023-03-30 20:52   ` Greg Kroah-Hartman
  0 siblings, 0 replies; 3+ messages in thread
From: Greg Kroah-Hartman @ 2023-03-30 20:52 UTC (permalink / raw)
  To: Danila Chernetsov
  Cc: stable, Dinghao Liu, linux-staging, linux-kernel, lvc-project

On Thu, Mar 30, 2023 at 08:11:07PM +0000, Danila Chernetsov wrote:
> From: Dinghao Liu <dinghao.liu@zju.edu.cn>
> 
> commit 4d5f81506835f7c1e5c71787bed84984faf05884 upstream.
> 
> There is an allocation for priv->rx_urb[16] has no null check,
> which may lead to a null pointer dereference.
> 
> Signed-off-by: Dinghao Liu <dinghao.liu@zju.edu.cn>
> Link: https://lore.kernel.org/r/20201226080258.6576-1-dinghao.liu@zju.edu.cn
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Signed-off-by: Danila Chernetsov <listdansp@mail.ru>
> ---
>  drivers/staging/rtl8192u/r8192U_core.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/staging/rtl8192u/r8192U_core.c b/drivers/staging/rtl8192u/r8192U_core.c
> index 7f90af8a7c7c..e0fec7d172da 100644
> --- a/drivers/staging/rtl8192u/r8192U_core.c
> +++ b/drivers/staging/rtl8192u/r8192U_core.c
> @@ -1608,6 +1608,8 @@ static short rtl8192_usb_initendpoints(struct net_device *dev)
>  		void *oldaddr, *newaddr;
>  
>  		priv->rx_urb[16] = usb_alloc_urb(0, GFP_KERNEL);
> +		if (!priv->rx_urb[16])
> +			return -ENOMEM;

This was not marked for stable as it's impossible to hit in real-life.
So absent that, it's not needed in any stable kernel tree, unless you
can prove otherwise?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2023-03-30 20:53 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-03-30 20:11 [PATCH 5.10 0/1] staging: rtl8192u: Add null check in rtl8192_usb_initendpoints Danila Chernetsov
2023-03-30 20:11 ` [PATCH 5.10 1/1] " Danila Chernetsov
2023-03-30 20:52   ` Greg Kroah-Hartman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).